Browse Source

Latest Docs

Josh Mudge 11 months ago
8 changed files with 87 additions and 0 deletions
  1. +1
  2. BIN
  3. +86
      All/Sign Using OV
  4. BIN
  5. BIN
  6. BIN
  7. BIN
  8. BIN

+ 1
- 0
.gitignore View File

@@ -0,0 +1 @@

All/Powershelladmin.png View File

Before After
Width: 777  |  Height: 684  |  Size: 46 KiB

+ 86
- 0
All/Sign Using OV View File

@@ -0,0 +1,86 @@
# Purpose

We're going to be looking at how to get a code-signing certificate, how to sign code with it and use that to create a setup file. This setup file will contain another signed file that will launch a basic web server. The setup file will create a firewall rule for the server so it won't need to prompt the user with a firewall settings prompt.

# Obtaining a Code Signing Certificate

Purhcase a code-signing certificate:
Be aware that you will likely need to create a Dun & Bradstreet listing, depending on the company you order the certificate from: (this is free)
The validation process will take 1-3 business days if you have entered all of your business information correctly and give them your D-U-N-S (Dun & Bradstreet) number. After you receive an email containing a link to the certificate, follow these directions in the **exact same** browser as the one you used to request the certificate :

# Signing a File

[Screenshot] Next, you will need to install Visual Studio with the "Universal Windows App Development Tools" workload. You can click on the list of sub-items and un-select everything except the Windows 10 SDK. You can download Visual Studio here:

Open a "Developer Command Prompt for VS".


# Sign a file with your certificate.
SignTool sign /t /f codesigning.p12 /p <Password> file.exe


You should see something like this:


# Creating the Setup File

I'm using a few different Go tools to allow us to create the web server, a firewall rule and put the server file inside our setup app.

## Server

First of all, you'll want to install Golang:
Then you'll want to install [goversioninfo]( by running the following in a command prompt:

go get

This will allow us to set the name of the program, version, etc. and most importantly, which manifest file to use.

[Configuration options / usage.]

## Firewall Rule


# working directory is dir
dir, err := os.Getwd()
if err != nil {
Might have to create another variable set to the string and add the path.

# This command will create the firewall rule.
New-NetFirewallRule -DisplayName "Name of Rule" -Direction Inbound -Program "C:\path\to\app\file.exe" -Action Allow

You should see something like this:


Manifest file:

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="requireAdministrator" uiAccess="false"/>

## Put Server In Setup File


All/addfirewallrule.png View File

Before After
Width: 862  |  Height: 703  |  Size: 36 KiB

All/adminpromptnewcert.png View File

Before After
Width: 458  |  Height: 334  |  Size: 16 KiB

All/developerprompt.png View File

Before After
Width: 784  |  Height: 676  |  Size: 50 KiB

All/donesigning.png View File

Before After
Width: 979  |  Height: 510  |  Size: 20 KiB

All/signfile.png View File

Before After
Width: 978  |  Height: 514  |  Size: 17 KiB